The Justice Department has disrupted a massive Chinese-backed hacking operation allegedly targeting U.S. devices, highlighting the growing threat of state-sponsored cyber attacks.
At a Glance
- DOJ dismantled a botnet of over 200,000 consumer devices allegedly used by Chinese hackers.
- The botnet was reportedly controlled by the PRC-backed group “Flax Typhoon” for cyber espionage.
- The operation took control of hackers’ infrastructure and disabled malware.
- The FBI is notifying U.S. device owners through internet service providers.
- Officials are warning of ongoing threats from Chinese state-sponsored hacks.
DOJ Strikes Back Against Chinese Cyber Threat
In a bold move to protect American cybersecurity, the Department of Justice has successfully disrupted a massive botnet operation linked to Chinese state-sponsored hackers. The botnet, known as “Flax Typhoon,” had allegedly infected over 200,000 consumer devices across the United States and globally, posing a significant threat to national security and individual privacy.
The operation, carried out with court authorization, targeted a sophisticated network of compromised devices including home routers, IP cameras, and network storage devices. These infected machines were reportedly being used by hackers associated with the People’s Republic of China (PRC) to conceal their malicious activities and gather sensitive information from American targets.
Today, we announced an #FBI led operation to disrupt a botnet used by China-based hackers known as Flax Typhoon, which infected more than 200,000 consumer devices in the U.S. and worldwide. Read more about this court-authorized operation with our partners: https://t.co/ovOiQNnm2c
— FBI (@FBI) September 18, 2024
Unmasking the Cyber Culprits
The botnet was reportedly developed and controlled by a group calling itself “Integrity Technology Group,” which posed as a legitimate IT firm while secretly collecting intelligence for Chinese government security agencies. This revelation underscores the deceptive tactics employed by foreign actors to infiltrate American networks and compromise national security.
“The Justice Department is zeroing in on the Chinese government backed hacking groups that target the devices of innocent Americans and pose a serious threat to our national security,” said Attorney General Merrick B. Garland.
The FBI’s investigation corroborated earlier findings by Microsoft, which had reported on Flax Typhoon’s activities targeting various sectors since 2021. This collaborative effort between government agencies and private sector cybersecurity firms highlights the importance of information sharing in combating sophisticated cyber threats.
A Decisive Blow to Chinese Cyber Operations
By taking control of the hackers’ infrastructure and sending disabling commands to the malware, U.S. authorities effectively neutralized the threat. Even when the hackers attempted to regroup and launch a distributed denial-of-service (DDoS) attack against the FBI, their efforts were swiftly thwarted.
“This was another successful disruption, but make no mistake — it’s just one round in a much longer fight,” FBI Director Christopher Wray said. “The Chinese government is going to continue to target your organizations and our critical infrastructure, either by their own hand or concealed through their proxies.”
This operation follows a previous takedown of another Chinese hacking group, Volt Typhoon, which had targeted critical U.S. infrastructure. The back-to-back successes demonstrate the U.S. government’s growing capabilities and determination to counter cyber threats from foreign adversaries.
Protecting American Interests in Cyberspace
As part of the ongoing effort to secure American networks, the FBI is notifying U.S. owners of affected devices through their internet service providers. This proactive approach aims to help individuals and organizations remove any remaining malware and strengthen their cyber defenses against future attacks.
The operation’s success also highlights the importance of international cooperation in cybersecurity. U.S. authorities worked closely with French counterparts and private sector partners like Lumen Technologies’ Black Lotus Labs to dismantle the botnet’s global infrastructure.
As cyber threats continue to evolve, the Justice Department’s resolute stance against state-sponsored hacking serves as a powerful deterrent. However, officials warn that vigilance remains crucial, as Chinese-backed groups are likely to persist in their efforts to compromise American security and steal sensitive information.
Sources
- Court-Authorized Operation Disrupts Worldwide Botnet Used by People’s Republic of China State-Sponsored Hackers
- U.S. and allies seize control of massive Chinese tech spying network
- Justice Department disrupts vast Chinese hacking operation that infected consumer devices